Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/cfd41e-398d-4f1b-9995-1a3ff532bc20/1/zQPRPdJvAESig_xqEedWoqK1aRs.mft
File: zQPRPdJvAESig_xqEedWoqK1aRs.mft (raw, json)
Hash identifier: GoNGPcoMppdS4BkAlB7XgdOBzi9w28Wo8A2tu+rWwU4=
Subject key identifier: 25:C4:8E:7E:22:AD:4C:8C:7B:EB:2C:9D:25:7A:36:4F:04:F1:DF:89
Authority key identifier: CD:03:D1:3D:D2:6F:00:44:A2:83:FC:6A:11:E7:56:A2:A2:B5:69:1B
Certificate issuer: /CN=cd03d13dd26f0044a283fc6a11e756a2a2b5691b
Certificate serial: 019A7149EE72C17FDBCEB637B37BC7DB51C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zQPRPdJvAESig_xqEedWoqK1aRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/cfd41e-398d-4f1b-9995-1a3ff532bc20/1/zQPRPdJvAESig_xqEedWoqK1aRs.mft
Manifest number: 0224
Signing time: Tue 11 Nov 2025 05:01:01 +0000
Manifest this update: Tue 11 Nov 2025 05:01:01 +0000
Manifest next update: Wed 12 Nov 2025 05:01:01 +0000
Files and hashes: 1: yLKyshLk5Y8qo2HfRt0bfJWqtcI.roa (hash: CLpNYZZ3o+zwOI76Lm9XQZQEHlIeProjGVosiuqFQCw=)
2: zQPRPdJvAESig_xqEedWoqK1aRs.crl (hash: Q+WLk71F4x4Uz+NAzXqI4uiZ+/cBFweshgXz34P43v4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/cfd41e-398d-4f1b-9995-1a3ff532bc20/1/zQPRPdJvAESig_xqEedWoqK1aRs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/cfd41e-398d-4f1b-9995-1a3ff532bc20/1/zQPRPdJvAESig_xqEedWoqK1aRs.mft
rsync://rpki.ripe.net/repository/DEFAULT/zQPRPdJvAESig_xqEedWoqK1aRs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:ee:72:c1:7f:db:ce:b6:37:b3:7b:c7:db:51:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd03d13dd26f0044a283fc6a11e756a2a2b5691b
Validity
Not Before: Nov 11 05:01:01 2025 GMT
Not After : Nov 12 05:01:01 2025 GMT
Subject: CN=25c48e7e22ad4c8c7beb2c9d257a364f04f1df89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1b:79:9b:69:a7:dd:a4:0d:77:77:ab:51:2f:
7d:5b:06:b2:04:f8:b9:d4:d9:ae:a8:c5:9b:ee:cb:
62:f1:e2:ec:82:38:ec:5d:36:db:ce:46:e7:eb:66:
54:f2:06:07:55:91:4e:70:dc:ec:f6:f9:c7:ca:6c:
1e:9b:c9:10:99:f5:f3:47:5a:34:55:c4:f9:db:7d:
87:af:7f:70:7e:b1:e6:09:71:d1:de:8e:10:8f:17:
57:f3:a6:f8:a8:12:f3:6b:e0:2e:79:5e:62:42:54:
f2:5b:c3:2c:85:8b:65:6a:09:5a:c6:12:42:f4:e5:
61:0c:b0:f4:65:32:9a:35:60:61:d1:ce:2e:c4:cb:
25:c7:37:9d:18:26:58:40:40:79:84:74:c9:ac:40:
8e:af:fd:59:57:26:3d:53:20:2e:ff:97:9e:e9:30:
28:44:34:ec:45:7a:3f:42:a0:1b:67:f3:25:5f:58:
b4:a3:30:58:68:f7:f2:e8:92:4a:0c:5f:36:b6:c0:
ea:ab:df:99:e0:1a:92:ee:b9:03:1b:17:74:5e:c1:
bc:51:82:e5:6c:c3:c7:3b:79:8a:9a:c3:ba:ea:d4:
35:2e:6c:e7:f3:9c:a0:76:9c:d2:14:de:3b:1b:3e:
03:8a:4a:aa:7d:98:ac:d8:c6:b1:1a:94:62:26:1a:
d7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C4:8E:7E:22:AD:4C:8C:7B:EB:2C:9D:25:7A:36:4F:04:F1:DF:89
X509v3 Authority Key Identifier:
keyid:CD:03:D1:3D:D2:6F:00:44:A2:83:FC:6A:11:E7:56:A2:A2:B5:69:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQPRPdJvAESig_xqEedWoqK1aRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/cfd41e-398d-4f1b-9995-1a3ff532bc20/1/zQPRPdJvAESig_xqEedWoqK1aRs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/cfd41e-398d-4f1b-9995-1a3ff532bc20/1/zQPRPdJvAESig_xqEedWoqK1aRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:64:d9:c7:a8:53:64:03:e3:84:b6:80:5d:94:b9:e9:8f:57:
a8:01:6f:11:59:2c:7d:72:7b:98:42:66:bb:1b:f3:eb:24:63:
b9:84:ec:36:19:27:41:39:58:93:62:56:7f:3d:69:b2:eb:2a:
c6:99:08:c8:ef:7f:c5:c4:e6:36:f3:6c:07:8f:9b:4e:5a:1b:
5f:bc:92:37:36:67:ff:9e:5a:b8:12:39:fb:cc:20:dd:d9:fb:
3e:ab:5e:d2:25:17:05:aa:3f:a0:8a:2d:67:f8:10:ee:1f:dc:
c7:c0:09:0d:cd:42:dd:1c:b2:f6:eb:e9:6a:55:06:c1:2c:c9:
63:89:9d:c6:3b:57:4b:9d:c3:20:83:25:9d:92:4f:d8:8b:95:
7c:ae:78:ae:05:88:e3:6f:5d:5b:b2:90:15:0c:ec:b4:ae:e0:
d0:73:44:9b:3f:2b:3c:39:86:d9:9c:c5:02:e0:14:60:ae:42:
6d:cb:d4:55:92:77:36:2b:cb:3a:0e:4d:be:e2:e5:d3:dc:96:
38:a3:1c:94:84:43:8a:ff:ea:4f:11:0c:39:ab:92:04:6a:20:
3a:93:85:27:56:20:63:64:4b:3d:e9:c1:81:9e:e9:a4:25:a4:
b2:1a:18:83:f6:9e:49:48:76:ef:65:f8:63:83:62:0a:0b:5e:
a4:2d:1d:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSe5ywX/bzrY3s3vH21HDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMDNkMTNkZDI2ZjAwNDRhMjgzZmM2YTExZTc1NmEyYTJi
NTY5MWIwHhcNMjUxMTExMDUwMTAxWhcNMjUxMTEyMDUwMTAxWjAzMTEwLwYDVQQD
EygyNWM0OGU3ZTIyYWQ0YzhjN2JlYjJjOWQyNTdhMzY0ZjA0ZjFkZjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxt5m2mn3aQNd3erUS99WwayBPi5
1NmuqMWb7sti8eLsgjjsXTbbzkbn62ZU8gYHVZFOcNzs9vnHymwem8kQmfXzR1o0
VcT5232Hr39wfrHmCXHR3o4QjxdX86b4qBLza+AueV5iQlTyW8MshYtlaglaxhJC
9OVhDLD0ZTKaNWBh0c4uxMslxzedGCZYQEB5hHTJrECOr/1ZVyY9UyAu/5ee6TAo
RDTsRXo/QqAbZ/MlX1i0ozBYaPfy6JJKDF82tsDqq9+Z4BqS7rkDGxd0XsG8UYLl
bMPHO3mKmsO66tQ1Lmzn85ygdpzSFN47Gz4DikqqfZis2MaxGpRiJhrXFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXEjn4irUyMe+ssnSV6Nk8E8d+JMB8GA1UdIwQY
MBaAFM0D0T3SbwBEooP8ahHnVqKitWkbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelFQUlBkSnZBRVNpZ194cUVlZFdvcUsxYVJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jZmQ0MWUtMzk4ZC00ZjFiLTk5OTUt
MWEzZmY1MzJiYzIwLzEvelFQUlBkSnZBRVNpZ194cUVlZFdvcUsxYVJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jZmQ0MWUtMzk4ZC00ZjFiLTk5OTUtMWEzZmY1MzJiYzIw
LzEvelFQUlBkSnZBRVNpZ194cUVlZFdvcUsxYVJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP2TZx6hT
ZAPjhLaAXZS56Y9XqAFvEVksfXJ7mEJmuxvz6yRjuYTsNhknQTlYk2JWfz1psusq
xpkIyO9/xcTmNvNsB4+bTlobX7ySNzZn/55auBI5+8wg3dn7Pqte0iUXBao/oIot
Z/gQ7h/cx8AJDc1C3Ryy9uvpalUGwSzJY4mdxjtXS53DIIMlnZJP2IuVfK54rgWI
429dW7KQFQzstK7g0HNEmz8rPDmG2ZzFAuAUYK5CbcvUVZJ3NivLOg5NvuLl09yW
OKMclIRDiv/qTxEMOauSBGogOpOFJ1YgY2RLPenBgZ7ppCWkshoYg/aeSUh272X4
Y4NiCgtepC0dsA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:37 2025 by rpki-client